Back to Course

Pentesting AWS Environments with Pacu, CloudGoat, and ChatGPT

0% Complete
0/0 Steps
  1. Introduction

    About the course and author
  2. About using CloudGoat, Pacu, and ChatGPT
  3. Who this course is for
  4. Important quick note on AWS resource pricing
  5. [LAB] Create a billing alert to avoid surprise bills
  6. We want your feedback
  7. Setting up our lab environment
    Read this before installing Pacu/CloudGoat!
  8. [DEMO] Pacu [Option #1] Install with pip [Recommended]
  9. [DEMO] Pacu [Option #2] Use with Docker
  10. [DEMO] CloudGoat [Option #1] Install with Git
  11. [DEMO] CloudGoat [Option #2] Running with Docker
  12. [DEMO] Configuring AWS access credentials for CloudGoat
  13. [DEMO] Configuring AWS access credentials
  14. Getting started with Pacu
    Pacu Quick Start Guide
  15. IAM Privilege Escalation by Misconfiguration (Small / Easy)
    Scenario overview
  16. [DEMO] Admin privilege escalation demonstration
  17. [DEMO] Cleaning up our lab environment
  18. Vulnerable Lambda (Small / Easy)
    Scenario overview
  19. [DEMO] Creating our lab environment
  20. [DEMO] Exploiting vulnerable Lambda functions for admin access
  21. [DEMO] Cleaning up our lab environment
  22. [Cheat Sheet] Solution steps (CLI)
  23. [LAB] [CTF] Lambda SQLi PrivEsc to Access Secret
  24. IAM Privilege Escalation by Rollback (Small / Easy)
    Scenario overview
  25. [DEMO] Exploiting IAM versions
  26. [DEMO] Cleaning up our lab environment
  27. [Cheat Sheet] Solution steps (CLI)
  28. [LAB] [CTF] PrivEsc via IAM Version Rollback
  29. Cloud Breach via S3 (Small / Moderate)
    Scenario walkthrough
  30. [LAB] [DEMO] Exploiting EC2 to reach S3
  31. Preventing this exploit
  32. Cleaning up our lab environment
  33. [Cheat Sheet] Solution steps (CLI)
  34. IMDSv2 Compromise (SMALL / MODERATE)
    Scenario walkthrough
  35. [LAB] Compromise EC2 IMDSv2 with RCE
  36. [Cheat Sheet] Solutions Steps (CLI)
  37. ECS Takeover (Medium / Moderate)
    Scenario walkthrough
  38. [DEMO] ECS RCE exploit to get credentials
  39. [DEMO] ECS Takeover
  40. [DEMO] Cleaning up our lab environment
  41. [Cheat Sheet] Solution steps (CLI)
  42. Wrap-up and Key Takeaways
    What's next?
  43. We want your feedback
Lesson 44 of 43
In Progress

[DEMO] CI/CD Exploit

Christophe August 27, 2023

Responses

Your email address will not be published. Required fields are marked *

This site uses Akismet to reduce spam. Learn how your comment data is processed.